package com.learn.project2.config.shiro;


import com.learn.project2.config.shiro.realm.AdminRealm;
import com.learn.project2.config.shiro.realm.WxRealm;
import org.apache.shiro.realm.Realm;
import org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor;
import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.apache.shiro.web.session.mgt.DefaultWebSessionManager;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;

import java.util.ArrayList;
import java.util.LinkedHashMap;
import java.util.List;

/**
 * \* Author: Valley
 * \* Date: 2022/1/11
 * \* Time: 9:57
 * \* Description:
 */
@Configuration
public class ShiroConfig {

    @Autowired
    AdminRealm adminRealm;
    @Autowired
    WxRealm wxRealm;

    @Bean
    public ShiroFilterFactoryBean wxShiroFilterFactoryBean(@Qualifier("wxSecurityManager") DefaultWebSecurityManager securityManager){
        ShiroFilterFactoryBean factoryBean = new ShiroFilterFactoryBean();
        factoryBean.setSecurityManager(securityManager);
        LinkedHashMap<String,String> chain = new LinkedHashMap<>();

        chain.put("/admin/auth/login","anon");
        chain.put("/admin/auth/info","anon");
        chain.put("/storage/upload","anon");
        chain.put("/admin/**","authc");
        chain.put("/wx/auth/login","anon");
        chain.put("/wx/storage/upload","anon");

        chain.put("/wx/home/index","anon");
        chain.put("/wx/auth/regCaptcha","anon");
        chain.put("/wx/auth/register","anon");
        chain.put("/wx/collect/addordelete","anon");
        chain.put("/wx/goods/category","anon");
        chain.put("/wx/goods/count","anon");
        chain.put("/wx/goods/list","anon");
        chain.put("/wx/goods/detail","anon");
        chain.put("/wx/goods/related","anon");
        chain.put("/wx/cart/goodscount","anon");
        chain.put("/wx/catalog/index","anon");
        chain.put("/wx/catalog/current","anon");
        chain.put("/wx/search/index","anon");
        chain.put("/wx/search/helper","anon");
        chain.put("/wx/search/clearhistory","anon");
        chain.put("/wx/topic/list","anon");
        chain.put("/wx/topic/detail","anon");
        chain.put("/wx/topic/related","anon");
        chain.put("/wx/brand/detail","anon");
        chain.put("/wx/brand/list","anon");
        chain.put("/wx/comment/list","anon");
        chain.put("/wx/coupon/receive","anon");
        chain.put("/wx/coupon/list","anon");
        chain.put("/wx/**","authc");

        chain.put("/login.jsp","anon");

        factoryBean.setFilterChainDefinitionMap(chain);
        return factoryBean;
    }

    @Bean
    public DefaultWebSecurityManager wxSecurityManager(SessionManager sessionManager,MarketAuthenticator authenticator){
        DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager();
        List<Realm> realmList = new ArrayList<>();
        // 在这里添加注册realm
        realmList.add(adminRealm);
        realmList.add(wxRealm);
        securityManager.setSessionManager(sessionManager);
        securityManager.setAuthenticator(authenticator);
        securityManager.setRealms(realmList);
        return securityManager;
    }

    //解决多用户认证分流问题，前提是自定义一个tooken，增加type属性，根据type完成realm分发
    @Bean
    public MarketAuthenticator authenticator(AdminRealm adminRealm, WxRealm wxRealm){
        MarketAuthenticator customAuthenticator = new MarketAuthenticator();
        ArrayList<Realm> realms = new ArrayList<>();
        realms.add(adminRealm);
        realms.add(wxRealm);
        customAuthenticator.setRealms(realms);
        return customAuthenticator;
    }
    //用注解的方式配置接口的权限，必须的组件
    @Bean
    public AuthorizationAttributeSourceAdvisor advisor( DefaultWebSecurityManager securityManager){
        AuthorizationAttributeSourceAdvisor advisor = new AuthorizationAttributeSourceAdvisor();
        advisor.setSecurityManager(securityManager);
        return advisor;
    }

    //跨域：浏览器默认不携带jsessionId的cookie,可以和前端约定一个专门的请求头，服务器将sessionid存在请求头，客户端构造请求头，
    //这个组件解决跨域问题DefaultWebSessionManager


}
